How to Decrypt WebLogic Console & Java Keystore Password

How to Decrypt WebLogic Console & Java Keystore Password

If we want to find the password of weblogic console and we have forgot.

Steps:

1) Go to Oracle bin directory (oracle_home/common/bin)

2) Execute the wlst.sh

./wlst.sh

You will get WLST prompt in offline mode, invoke the following command

wls:/offline> domain = "/u01/apps/user_projects/domains/domain_name"

Note: change the domain path if necessary

wls:/offline> service = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domain)

wls:/offline> encryption = weblogic.security.internal.encryption.ClearOrEncryptedService(service)

wls:/offline> print encryption.decrypt("{AES}WDhZb5/IP95P4eMDGRDs01kawSeliV59aFog1jE=")

 welcome1

wls:/offline>

Note: encrypted code starting with AES you can find in a boot.properties file at DOMAIN_HOME/server/AdminServer/security folder.

Password is decoded – welcome1

If you want to WebLogic Java keystore password, then you can use the following wlst method to decode it.

Invoke wlst.sh from Oracle home>>bin directory and execute the below commands

wls:/offline> domain = "/u01/apps/user_projects/domains/domain_name"

Note: Change the domain path if necessary

wls:/offline> service = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domain)

wls:/offline> encryption = weblogic.security.internal.encryption.ClearOrEncryptedService(service)

wls:/offline> print encryption.decrypt("{AES}WDhZb5/IP95P4eM8jwYITiZs01kawSeliV59aFog1jE=")

 welcome1

wls:/offline>

Note: encrypted string starting with AES, you can find in config.xml

You may face the following issue while decrypting.

wls:/offline> print encryption.decrypt("{AES}WDhZb5/IP95P4eMDGRDs01kawSeliV59aFog1jE\=")

Traceback (innermost last):

File "<console>", line 1, in ?

at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)

at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)

at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at java.lang.reflect.Method.invoke(Method.java:597)

weblogic.security.internal.encryption.EncryptionServiceException: weblogic.security.internal.encryption.EncryptionServiceException

If you are encountering the above error, then you got to remove the forward symbol at the end.

From

wls:/offline> print encryption.decrypt("{AES}WDhZb5/IP95P4eMDGRDs01kawSeliV59aFog1jE\=")

To

wls:/offline> print encryption.decrypt("{AES}WDhZb5/IP95P4eMDGRDs01kawSeliV59aFog1jE=")

If you like please follow and comment